CVE-2021-31347

Name	CVE-2021-31347
Description	An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxml_parse_str() performs incorrect memory handling while parsing crafted XML files (writing outside a memory region created by mmap).
Source	CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
References	DLA-2705-1
Debian Bugs	989360, 989361, 989363, 989364

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package	Release	Version	Status
mapcache (PTS)	bullseye	1.10.0-2	vulnerable
	bookworm	1.14.0-1	vulnerable
	trixie, sid	1.14.1-1	vulnerable
netcdf (PTS)	bullseye	1:4.7.4-1	vulnerable
	bookworm	1:4.9.0-3	fixed
	trixie, sid	1:4.9.2-7	fixed
netcdf-parallel (PTS)	bullseye	1:4.7.4-1	vulnerable
	bookworm	1:4.9.0-1	fixed
	trixie, sid	1:4.9.0-4	fixed
scilab (PTS)	bullseye	6.1.0+dfsg1-7	vulnerable
	bookworm	6.1.1+dfsg2-6	vulnerable
	trixie, sid	2024.1.0+dfsg-6	vulnerable

The information below is based on the following data on fixed versions.

Package	Type	Release	Fixed Version	Urgency	Origin	Debian Bugs
mapcache	source	(unstable)	(unfixed)	unimportant		989363
netcdf	source	stretch	(not affected)
netcdf	source	(unstable)	1:4.9.0-1			989360
netcdf-parallel	source	(unstable)	1:4.9.0-1			989361
scilab	source	stretch	5.5.2-4+deb9u1		DLA-2705-1
scilab	source	(unstable)	(unfixed)	unimportant		989364

Notes

[bullseye] - netcdf <ignored> (Minor issue)
[buster] - netcdf <ignored> (Minor issue)
[stretch] - netcdf <not-affected> (vulnerable code not present)
[bullseye] - netcdf-parallel <ignored> (Minor issue)
[buster] - netcdf-parallel <ignored> (Minor issue)
https://sourceforge.net/p/ezxml/bugs/27/
mapcache only uses ezxml to parse config files which are trusted